From 02aedd234c27152ce5964ab2b215fd322f9a2ed7 Mon Sep 17 00:00:00 2001 From: 21pages Date: Wed, 28 Sep 2022 20:48:14 +0800 Subject: [PATCH] prompt foreground window elevation Signed-off-by: 21pages --- Cargo.lock | 10 ---- Cargo.toml | 1 - libs/hbb_common/protos/message.proto | 1 + src/client/io_loop.rs | 9 ++++ src/lang/cn.rs | 1 + src/lang/cs.rs | 1 + src/lang/da.rs | 1 + src/lang/de.rs | 1 + src/lang/en.rs | 3 +- src/lang/eo.rs | 1 + src/lang/es.rs | 1 + src/lang/fr.rs | 1 + src/lang/hu.rs | 1 + src/lang/id.rs | 1 + src/lang/it.rs | 1 + src/lang/ja.rs | 1 + src/lang/ko.rs | 1 + src/lang/kz.rs | 1 + src/lang/pl.rs | 1 + src/lang/pt_PT.rs | 1 + src/lang/ptbr.rs | 1 + src/lang/ru.rs | 1 + src/lang/sk.rs | 1 + src/lang/template.rs | 1 + src/lang/tr.rs | 1 + src/lang/tw.rs | 1 + src/lang/vn.rs | 1 + src/platform/windows.rs | 72 ++++++++++++++++++++++++++-- src/server/connection.rs | 30 +++++++----- src/server/video_service.rs | 13 +++-- 30 files changed, 131 insertions(+), 30 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 48f47a86f..55949fe8b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2601,15 +2601,6 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" -[[package]] -name = "is_elevated" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5299060ff5db63e788015dcb9525ad9b84f4fd9717ed2cbdeba5018cbf42f9b5" -dependencies = [ - "winapi 0.3.9", -] - [[package]] name = "itertools" version = "0.9.0" @@ -4348,7 +4339,6 @@ dependencies = [ "hound", "impersonate_system", "include_dir", - "is_elevated", "jni", "lazy_static", "libc", diff --git a/Cargo.toml b/Cargo.toml index f8b93c2cd..919f39d1c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -91,7 +91,6 @@ winapi = { version = "0.3", features = ["winuser"] } winreg = "0.10" windows-service = "0.4" virtual_display = { path = "libs/virtual_display" } -is_elevated = "0.1.2" impersonate_system = { git = "https://github.com/21pages/impersonate-system" } [target.'cfg(target_os = "macos")'.dependencies] diff --git a/libs/hbb_common/protos/message.proto b/libs/hbb_common/protos/message.proto index 1ed538759..1f3d24157 100644 --- a/libs/hbb_common/protos/message.proto +++ b/libs/hbb_common/protos/message.proto @@ -557,6 +557,7 @@ message Misc { BackNotification back_notification = 13; bool restart_remote_device = 14; bool uac = 15; + bool foreground_window_elevated = 16; } } diff --git a/src/client/io_loop.rs b/src/client/io_loop.rs index 619c67b79..7e3bbb3dc 100644 --- a/src/client/io_loop.rs +++ b/src/client/io_loop.rs @@ -985,6 +985,15 @@ impl Remote { .msgbox("custom-uac-nocancel", "Warning", "uac_warning"); } } + Some(misc::Union::ForegroundWindowElevated(elevated)) => { + if elevated { + self.handler.msgbox( + "custom-elevated-foreground-nocancel", + "Warning", + "elevated_foreground_window_warning", + ); + } + } _ => {} }, Some(message::Union::TestDelay(t)) => { diff --git a/src/lang/cn.rs b/src/lang/cn.rs index ab92b047b..3dc5dc434 100644 --- a/src/lang/cn.rs +++ b/src/lang/cn.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", "提示"), ("elevation_prompt", "以当前用户权限运行软件,可能导致远端在访问本机时,没有足够的权限来操作部分窗口。"), ("uac_warning", "暂时无法访问远端设备,因为远端设备正在请求用户账户权限,请等待对方关闭UAC窗口。为避免这个问题,建议在远端设备上安装或者以管理员权限运行本软件。"), + ("elevated_foreground_window_warning", "暂时无法使用鼠标键盘,因为远端桌面的当前窗口需要更高的权限才能操作, 可以请求对方最小化当前窗口。为避免这个问题,建议在远端设备上安装或者以管理员权限运行本软件。"), ].iter().cloned().collect(); } diff --git a/src/lang/cs.rs b/src/lang/cs.rs index 8c89e5552..81df20cc9 100644 --- a/src/lang/cs.rs +++ b/src/lang/cs.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/da.rs b/src/lang/da.rs index 18f5af14e..18e4e4949 100644 --- a/src/lang/da.rs +++ b/src/lang/da.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/de.rs b/src/lang/de.rs index 0f8fe34b3..df7c5f238 100644 --- a/src/lang/de.rs +++ b/src/lang/de.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/en.rs b/src/lang/en.rs index e4c862203..279f26cd1 100644 --- a/src/lang/en.rs +++ b/src/lang/en.rs @@ -32,5 +32,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Are you sure to close the connection?", "Are you sure you want to close the connection?"), ("elevation_prompt", "Running software without privilege elevation may cause problems when remote users operate certain windows."), ("uac_warning", "Temporarily denied access due to elevation request, please wait for the remote user to accept the UAC dialog. To avoid this problem, it is recommended to install the software on the remote device or run it with administrator privileges."), - ].iter().cloned().collect(); + ("elevated_foreground_window_warning", "Temporarily unable to use the mouse and keyboard, because the current window of the remote desktop requires higher privilege to operate, you can request the remote user to minimize the current window. To avoid this problem, it is recommended to install the software on the remote device or run it with administrator privileges."), + ].iter().cloned().collect(); } diff --git a/src/lang/eo.rs b/src/lang/eo.rs index 226255eb3..578f9cef4 100644 --- a/src/lang/eo.rs +++ b/src/lang/eo.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/es.rs b/src/lang/es.rs index 5a31d730b..42470b120 100644 --- a/src/lang/es.rs +++ b/src/lang/es.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/fr.rs b/src/lang/fr.rs index cf9109378..ce054a021 100644 --- a/src/lang/fr.rs +++ b/src/lang/fr.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/hu.rs b/src/lang/hu.rs index 17467077a..caf74eaaa 100644 --- a/src/lang/hu.rs +++ b/src/lang/hu.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/id.rs b/src/lang/id.rs index 57e5669ae..e993f2042 100644 --- a/src/lang/id.rs +++ b/src/lang/id.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/it.rs b/src/lang/it.rs index 1c59a319d..2f5115171 100644 --- a/src/lang/it.rs +++ b/src/lang/it.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/ja.rs b/src/lang/ja.rs index a20b5436a..c5ebb9b15 100644 --- a/src/lang/ja.rs +++ b/src/lang/ja.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/ko.rs b/src/lang/ko.rs index 1c11c54e3..069210625 100644 --- a/src/lang/ko.rs +++ b/src/lang/ko.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/kz.rs b/src/lang/kz.rs index 6c576b497..45f2ecdc5 100644 --- a/src/lang/kz.rs +++ b/src/lang/kz.rs @@ -362,5 +362,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/pl.rs b/src/lang/pl.rs index 983fe5b48..bcef81afc 100644 --- a/src/lang/pl.rs +++ b/src/lang/pl.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/pt_PT.rs b/src/lang/pt_PT.rs index 13f645d95..3e1c505e6 100644 --- a/src/lang/pt_PT.rs +++ b/src/lang/pt_PT.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/ptbr.rs b/src/lang/ptbr.rs index 66636bc20..7d8ce5ac7 100644 --- a/src/lang/ptbr.rs +++ b/src/lang/ptbr.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/ru.rs b/src/lang/ru.rs index 205874a5b..30bc52d95 100644 --- a/src/lang/ru.rs +++ b/src/lang/ru.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/sk.rs b/src/lang/sk.rs index a0ec2682a..5c3b7ef6e 100644 --- a/src/lang/sk.rs +++ b/src/lang/sk.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/template.rs b/src/lang/template.rs index 20112dd81..2a2d6eb8a 100644 --- a/src/lang/template.rs +++ b/src/lang/template.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/tr.rs b/src/lang/tr.rs index 1df6473d7..8daa4bb88 100644 --- a/src/lang/tr.rs +++ b/src/lang/tr.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/lang/tw.rs b/src/lang/tw.rs index 271bfc829..5f9a6632c 100644 --- a/src/lang/tw.rs +++ b/src/lang/tw.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", "提示"), ("elevation_prompt", "以當前用戶權限運行軟件,可能導致遠端在訪問本機時,沒有足夠的權限來操作部分窗口。"), ("uac_warning", "暂时无法访问远端设备,因为远端设备正在请求用户账户权限,请等待对方关闭UAC窗口。为避免这个问题,建议在远端设备上安装或者以管理员权限运行本软件。"), + ("elevated_foreground_window_warning", "暫時無法使用鼠標鍵盤,因為遠端桌面的當前窗口需要更高的權限才能操作, 可以請求對方最小化當前窗口。為避免這個問題,建議在遠端設備上安裝或者以管理員權限運行本軟件。"), ].iter().cloned().collect(); } diff --git a/src/lang/vn.rs b/src/lang/vn.rs index 9f6841d10..541436331 100644 --- a/src/lang/vn.rs +++ b/src/lang/vn.rs @@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> = ("Prompt", ""), ("elevation_prompt", ""), ("uac_warning", ""), + ("elevated_foreground_window_warning", ""), ].iter().cloned().collect(); } diff --git a/src/platform/windows.rs b/src/platform/windows.rs index be549f7e1..b5a595b5a 100644 --- a/src/platform/windows.rs +++ b/src/platform/windows.rs @@ -14,11 +14,21 @@ use std::{ time::{Duration, Instant}, }; use winapi::{ + ctypes::c_void, shared::{minwindef::*, ntdef::NULL, windef::*}, um::{ - errhandlingapi::GetLastError, handleapi::CloseHandle, minwinbase::STILL_ACTIVE, - processthreadsapi::GetExitCodeProcess, shellapi::ShellExecuteA, winbase::*, wingdi::*, - winnt::HANDLE, winuser::*, + errhandlingapi::GetLastError, + handleapi::CloseHandle, + minwinbase::STILL_ACTIVE, + processthreadsapi::{GetCurrentProcess, GetExitCodeProcess, OpenProcess, OpenProcessToken}, + securitybaseapi::GetTokenInformation, + shellapi::ShellExecuteA, + winbase::*, + wingdi::*, + winnt::{ + TokenElevation, HANDLE, PROCESS_QUERY_LIMITED_INFORMATION, TOKEN_ELEVATION, TOKEN_QUERY, + }, + winuser::*, }, }; use windows_service::{ @@ -1463,7 +1473,7 @@ pub fn run_as_system(arg: &str) -> ResultType<()> { } pub fn run_check_elevation(arg: &str) { - if !is_elevated::is_elevated() { + if let Ok(false) = is_elevated(None) { if let Ok(true) = elevate(arg) { std::process::exit(0); } else { @@ -1480,3 +1490,57 @@ pub fn run_check_elevation(arg: &str) { } } } + +// https://github.com/mgostIH/process_list/blob/master/src/windows/mod.rs +#[repr(transparent)] +pub(self) struct RAIIHandle(pub HANDLE); + +impl Drop for RAIIHandle { + fn drop(&mut self) { + // This never gives problem except when running under a debugger. + unsafe { CloseHandle(self.0) }; + } +} + +pub fn is_elevated(process_id: Option) -> ResultType { + unsafe { + let handle: HANDLE = match process_id { + Some(process_id) => OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, process_id), + None => GetCurrentProcess(), + }; + if handle == NULL { + bail!("Failed to open process, errno {}", GetLastError()) + } + let _handle = RAIIHandle(handle); + let mut token: HANDLE = mem::zeroed(); + if OpenProcessToken(handle, TOKEN_QUERY, &mut token) == FALSE { + bail!("Failed to open process token, errno {}", GetLastError()) + } + let _token = RAIIHandle(token); + let mut token_elevation: TOKEN_ELEVATION = mem::zeroed(); + let mut size: DWORD = 0; + if GetTokenInformation( + token, + TokenElevation, + (&mut token_elevation) as *mut _ as *mut c_void, + mem::size_of::() as _, + &mut size, + ) == FALSE + { + bail!("Failed to get token information, errno {}", GetLastError()) + } + + Ok(token_elevation.TokenIsElevated != 0) + } +} + +pub fn is_foreground_window_elevated() -> ResultType { + unsafe { + let mut process_id: DWORD = 0; + GetWindowThreadProcessId(GetForegroundWindow(), &mut process_id); + if process_id == 0 { + bail!("Failed to get processId, errno {}", GetLastError()) + } + is_elevated(Some(process_id)) + } +} diff --git a/src/server/connection.rs b/src/server/connection.rs index 056c906fa..8ad408885 100644 --- a/src/server/connection.rs +++ b/src/server/connection.rs @@ -230,7 +230,8 @@ impl Connection { #[cfg(not(any(target_os = "android", target_os = "ios")))] std::thread::spawn(move || Self::handle_input(rx_input, tx_cloned)); let mut second_timer = time::interval(Duration::from_secs(1)); - let mut uac = false; + let mut last_uac = false; + let mut last_foreground_window_elevated = false; loop { tokio::select! { @@ -403,16 +404,23 @@ impl Connection { } }, _ = second_timer.tick() => { - let is_uac = crate::video_service::IS_UAC_RUNNING.lock().unwrap().clone(); - if uac != is_uac { - if !crate::platform::is_installed() && !crate::platform::is_root() { - uac = is_uac; - let mut misc = Misc::new(); - misc.set_uac(uac); - let mut msg = Message::new(); - msg.set_misc(misc); - conn.inner.send(msg.into()); - } + let uac = crate::video_service::IS_UAC_RUNNING.lock().unwrap().clone(); + if last_uac != uac { + last_uac = uac; + let mut misc = Misc::new(); + misc.set_uac(uac); + let mut msg = Message::new(); + msg.set_misc(misc); + conn.inner.send(msg.into()); + } + let foreground_window_elevated = crate::video_service::IS_FOREGROUND_WINDOW_ELEVATED.lock().unwrap().clone(); + if last_foreground_window_elevated != foreground_window_elevated { + last_foreground_window_elevated = foreground_window_elevated; + let mut misc = Misc::new(); + misc.set_foreground_window_elevated(foreground_window_elevated); + let mut msg = Message::new(); + msg.set_misc(misc); + conn.inner.send(msg.into()); } } _ = test_delay_timer.tick() => { diff --git a/src/server/video_service.rs b/src/server/video_service.rs index 25806f0aa..ad6f5f620 100644 --- a/src/server/video_service.rs +++ b/src/server/video_service.rs @@ -53,6 +53,7 @@ lazy_static::lazy_static! { static ref IS_CAPTURER_MAGNIFIER_SUPPORTED: bool = is_capturer_mag_supported(); pub static ref VIDEO_QOS: Arc> = Default::default(); pub static ref IS_UAC_RUNNING: Arc> = Default::default(); + pub static ref IS_FOREGROUND_WINDOW_ELEVATED: Arc> = Default::default(); } fn is_capturer_mag_supported() -> bool { @@ -454,7 +455,7 @@ fn run(sp: GenericService) -> ResultType<()> { #[cfg(any(target_os = "android", target_os = "ios"))] let recorder: Arc>> = Default::default(); #[cfg(windows)] - start_uac_check(); + start_uac_elevation_check(); while sp.ok() { #[cfg(windows)] @@ -838,15 +839,21 @@ fn get_current_display() -> ResultType<(usize, usize, Display)> { } #[cfg(windows)] -fn start_uac_check() { +fn start_uac_elevation_check() { static START: Once = Once::new(); START.call_once(|| { - if !crate::platform::is_installed() && !crate::platform::is_root() { + if !crate::platform::is_installed() + && !crate::platform::is_root() + && !crate::platform::is_elevated(None).map_or(false, |b| b) + { std::thread::spawn(|| loop { std::thread::sleep(std::time::Duration::from_secs(1)); if let Ok(uac) = crate::ui::win_privacy::is_process_consent_running() { *IS_UAC_RUNNING.lock().unwrap() = uac; } + if let Ok(elevated) = crate::platform::is_foreground_window_elevated() { + *IS_FOREGROUND_WINDOW_ELEVATED.lock().unwrap() = elevated; + } }); } });